package com.example.ch04jdbcuser.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

/**
 * @description:
 * @author:ScorpioWang
 * @date:2021-10-31-20-38
 */
@Configuration  //表示当前类是一个配置类，这个类方法的返回值是java对象，这些对象放入到spring容器中
@EnableWebSecurity  //启用SpringSecurity安全框架功能
@EnableGlobalMethodSecurity(prePostEnabled = true) //启用方法级别的认证
public class MyWebSecurity extends WebSecurityConfigurerAdapter {
    // 在此方法中配置用户和密码信息，作为登录的数据
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        // 设置密码的编码器
        BCryptPasswordEncoder encoder=new BCryptPasswordEncoder();

        //定义两个角色normal，admin
        auth.inMemoryAuthentication().passwordEncoder(encoder)
                .withUser("wang").password(encoder.encode("123")).roles("normal")
                .and()
                .withUser("jin").password(encoder.encode("123")).roles("admin")
                .and()
                .withUser("jinjin").password(encoder.encode("123")).roles("normal","admin");
    }
}
